
Possible upcoming attempts to disable the Tor network

The Tor Project has learned that there may be an attempt to incapacitate our network in the next few days through the seizure of specialized servers in the network called directory authorities. (Directory authorities help Tor clients learn the list of relays that make up the Tor network.) We are taking steps now to ensure the safety of our users, and our system is already built to be redundant so that users maintain anonymity even if the network is attacked. Tor remains safe to use.

We hope that this attack doesn't occur; Tor is used by many good people. If the network is affected, we will immediately inform users via this blog and our Twitter feed @TorProject, along with more information if we become aware of any related risks to Tor users.

The Tor network provides a safe haven from surveillance, censorship, and computer network exploitation for millions of people who live in repressive regimes, including human rights activists in countries such as Iran, Syria, and Russia. People use the Tor network every day to conduct their daily business without fear that their online activities and speech (Facebook posts, email, Twitter feeds) will be tracked and used against them later. Millions more also use the Tor network at their local internet cafe to stay safe for ordinary web browsing.

Tor is also used by banks, diplomatic officials, members of law enforcement, bloggers, and many others. Attempts to disable the Tor network would interfere with all of these users, not just ones disliked by the attacker.

Every person has the right to privacy. This right is a foundation of a democratic society. For example, if Members of the British Parliament or US Congress cannot share ideas and opinions free of government spying, then they cannot remain independent from other branches of government. If journalists are unable to keep their sources confidential, then the ability of the press to check the power of the government is compromised. If human rights workers can't report evidence of possible crimes against humanity, it is impossible for other bodies to examine this evidence and to react. In the service of justice, we believe that the answer is to open up communication lines for everyone, securely and anonymously.

The Tor network provides online anonymity and privacy that allow freedom for everyone. Like freedom of speech, online privacy is a right for all.

[Update Monday Dec 22: So far all is quiet on the directory authority front, and no news is good news.]
[Update Sunday Dec 28: Still quiet. This is good.]

We know Tor probably has nothing to do with the Sony attack; the public don't. They will just believe whatever the government tell them. If the government want Tor to be down, they can put the blame on Tor (regardless of whether the attack really came from Tor), and shut down any servers or personal computers running Tor.

NSA in particular have been looking for a "justifiable cause" to attack TOR; recently comments were made to the effect that operatives were "helping the tor team find possible weaknesses".

There are some interesting points to consider:

1) Many relays are high-capacity, high-speed relays, not the sort of thing you would usually associate with a volunteer network of users.

2) "Copyright" holders have been wanting to find ways to control internet traffic to their advantage, citing "piracy". Having not managed to get their way through official channels, their MO is not to try and get under-the-table agreements allowing them to directly interfere with DNS lookup tables at the backbone level.

3) As has already been pointed out, leaving aside outfits like the Silk Road drug distribution network, criminals, including terrorists, DO NOT use tor simply because they KNOW that doing so would bring them to the attention of the authorities.

4) Governments have increasingly been taking the assumption that they, and they alone, are entitled to privacy; no one else matters. The oft-quoted "nothing to hide, nothing to fear" comes to mind and does not hold water.

I note that today (23/12/14) it took several attempts to establish a TOR connection. This is in itself an atypical experience for me; usually I am able to establish a connection first try, within 30 seconds, 60 seconds max.

This leads me to believe two possible scenarios are in operation:

a) fallback measures are being put into place
or
b) TOR is under active attack.

LOL, I think that North Korea doesn't have a unit 21 of highly qualified hackers because it is too dangerous to have them.
1) North Korea is isolated from internet => there are very few people who understand what these "hackers" do => who will supervise these men? They will be self-supervised.
2) They have to give them unlimited access to foreign internet (because no one except them understands what they do and whether they really need this information)
3) The hacker is a free-minded man.
4) 2) + 3) => they will understand all the shit about North Korea and will get angry.
5) Because they cannot be controlled, they can start secretly destroying NK from the inside and no one can determine that.

I think that
1) it is a psyop made to create a casus belli to put the screws on Internet in the US (see http://patch.com/california/studiocity/obama-slams-sony-north-korea-cal… )
2) NK is a voluntary scarecrow to frighten the citizens of all the countries of the world. One more reason to distract them from inner problems and remind them that if they require too many freedoms, rights and respect, the state will have to take measures like in NK such as cruel penalties for all law breaking, a collective penalty (very effective multieffect measure), prohibition of all the potentially uncontrollable means of taking freedom (arms, crypto without key escrow, computers without backdoors, radios with possibility to tune it, etc) with very cruel penalties, authoritarian/totalitarian regime enshrined in law, high taxes (to make people think only about how to survive these taxes (paying them and surviving after it)), etc...

That is a somewhat bogus analysis. You obviously don't understand what brainwashing is, how it works, and/or what motivates people to work. Your analysis of the system is based purely on western views. Surely if this were the case, there would be no Chinese, American, Russian, or any other nationalist hackers as well. Let's break this down.

>1) North Korea is isolated from internet => there are very few people who understand what these "hackers" do => who will supervise these men? They will be self-supervised.

Grew up in an isolated environment, being brainwashed since day one that NK is the best, and probably for a long time, that they are the elite of North Korea, and that everything else is pure propaganda. Given there are only 21 of them in a country of 7 million, there is no reason that NK can't give them special privilege that no one else gets, or other carrots, in addition to the brainwashing.

>2) They have to give them unlimited access to foreign internet (because no one except them understands what they do and whether they really need this information)

And this gives them major leverage in North Korean society. Even if they understood how harmful NK is, they'd have to give up their status as elites. Or maybe even besides NK internet they are still not a fan of the USA and see themselves the way America does, as anti-Imperialist crusaders. Many other anti-USA nations are now sending envoys to NK to warm ties.

>3) The hacker is a free-minded man.

The American/Western hacker tradition grew out of countercultures very unique to America/the west, and its very anti-tech, very anti-intellectual cultures. "Hackers" as we know them, grew up being hated for being as such, by people who hated and feared the machines.

This is not an imperative of the computer using skill. There are no western style self-taught hackers from North Korea. Their hackers are taught, and funded by the state, and most likely developed a culture along radically different lines.

People have this strange notion that everyone in North Korea is getting ready to defect at a moment's notice, and that it's basically like East Germany, with no real popular support, or willpower. It is nothing more than rhetoric based on propaganda.

Seems you are still trying to play the "democracy == USA" card. It's just false pretense. It "was", but now it "is" a police state with enormous brainwashing capabilities. Sure, there is a small, nearly negligible part of USA government structures with sympathy to the democratic way, but en masse control is in NSA/CIA/FBI hands. There is the place where the main harm to the internet is done and ongoing. And this inhuman structure arises from uncontrolled spending of taxpayers' money and falsifying the constitution.
And after all recent disclosures you are still trying to speculate on the possibility of a small number of foreign hackers to "harm" the whole internet already owned/controlled by NSA...

Well, actually those NK hackers were trained when they were young children. The authorities needed to do tests to choose those who had a gift to study hacking skills and gave them proper education and training, like sending them abroad (of course cutting off contacts with the outside is very essential) and then sending them back to the university. NK has a special unit composed of elite hackers. Their skills are no better than super hackers from US, UK, Deutschland, Russia etc. Despite this, brainwash is still vitally important~
Hope it can help~

Actually, NK does have internet in several different open and closed variations! Furthermore, there is a Unit 21, in addition to many more dedicated sections and subsections [with various and different responsibilities]!
There was an excellent blog on Twitter from @cyberwar, who mapped and scanned many of the different computers and their IP addresses, even so far as to ID a MacBook.
So, the lesson here is... don't spout unscholarly drivel just to inflate your own ego. Now that you have been properly scolded, I take my leave.
TOR ROCKS PLANET EARTH... NEVER QUIT!

Whatever, suck up! I have a CCC attack going on and an HP attack, Label print attack, Power Director attack going on ever since the X-Box360 attack on Christmas! It looks like a clean install! But I will mention that I got a mystery update by Microcrap itself!!!! KB 971033, once I installed it more SHTF! Microsoft is BAD!

>U.S. officials also tell CNN the hackers routed the attack through servers in countries from Asia, Europe and Latin America, even some in the U.S.

>The hackers used common DNS masking techniques to make it look like it was coming from those places, but the National Security Agency and FBI were able to track it back to North Korea.
>North Korean internet traffic is routed through China, which is one way they are able to hide their activity, but the FBI was still able to trace it back to the origin, sources tell CNN.

This sounds like Tor is totally useless against the NSA and that they are able to see a full path through a Tor circuit back to the Tor client, but if they are able to do this, why would the FBI need to seize Tor directory authority servers for the purpose of investigation?

Tor is not what I would describe as "common DNS masking techniques". It sounds like the Sony people used something much simpler than Tor. For example, a common bad-guy approach is to break into a computer and then route your traffic through it. And a common bad-guy slip-up is to accidentally make a direct connection once because you wanted to see if your attack is working or something like that.

Extremely useful advice. Falsifier #1 is "U.S. Government and/or U.S. corporations".
Because as they say 'national security matter, so shut up and eat'.
And it can be just a PR action before an attack on NK country. BTW, is NK in one basket with KGB state?

The Sony hack by Sony was my first thought until they pulled the movie. Even so, if it is re-released it certainly has plenty of free press. And if the leader of North Korea weighs in with a positive review, who knows. He looks ready to enjoy some NBA games and give up on all this fearless leader business.
:-)

Sony pulled the plug because they knew the movie was going to be a flop. Instead of having the balls to admit failure they create the big hack scare and place the blame on someone other than themselves.

Of course it's Sony hacking Sony, helped by US govt.
Sony gets to test punk marketing for a movie and manipulates the public to pay for a movie they'd probably normally illegally download by 'mah stars and stripes' patriotism rant.

US govt gets another reason to ramp up sanctions against ronery korea as well as kicking TOR in the head and looking like internet supercops.

US corps play along for their own interests and the paradigm of white hats v black hats is clearly defined for the sheeple so they can go back to sleep.

Greetings Tor.
Your insider may wish to purchase a crash helmet..
As you know Tor was attacked by #LizardSquad @MafiaSquad.
They and #FinestSquad are part of a huge FBI/US intelligence psy op.
I will leave you to ponder upon the implications of this
Good to see the attack was a big fail.
Happy new year Tor...It's gonna be a fun packed one for sure!

If you know any people or groups who misunderstand the value of Tor, you can teach them why trying to undermine the Tor network would harm a lot of good people and generally cause huge collateral damage. Explain how Tor has helped you in your work. Help spread the word.

So, short answer, don't worry too much. We wanted to be safe and tell you just in case it turns into something.

Recent Updates

Hi! There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.3.3.2-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release some time in February.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.3.3.2-alpha is the second alpha in the 0.3.3.x series. It introduces a mechanism to handle the high loads that many relay operators have been reporting recently. It also fixes several bugs in older releases. If this new code proves reliable, we plan to backport it to older supported release series.

Changes in version 0.3.3.2-alpha - 2018-02-10

Major features (denial-of-service mitigation):

Give relays some defenses against the recent network overload. We start with three defenses (default parameters in parentheses). First: if a single client address makes too many concurrent connections (>100), hang up on further connections. Second: if a single client address makes circuits too quickly (more than 3 per second, with an allowed burst of 90) while also having too many connections open (3), refuse new create cells for the next while (1-2 hours). Third: if a client asks to establish a rendezvous point to you directly, ignore the request. These defenses can be manually controlled by new torrc options, but relays will also take guidance from consensus parameters, so there's no need to configure anything manually. Implements ticket 24902.
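A small model of the first two defenses described above, added here as an illustration and not taken from Tor's source. The identifier names, the 3600-second penalty (the low end of "1-2 hours"), and reading the thresholds as "at most 100 connections" and "at least 3 open connections" are assumptions of this example.

```c
#include <stdio.h>
/* Defaults are the release note's; all identifiers are this example's own. */
#define MAX_CONNS      100   /* defense 1: concurrent connections per address */
#define CIRC_RATE      3     /* defense 2: circuit tokens refilled per second */
#define CIRC_BURST     90    /* defense 2: token bucket capacity */
#define CIRC_MIN_CONNS 3     /* defense 2: applies only at this many open conns */
#define DEFENSE_SECS   3600  /* assumed: low end of the "1-2 hours" window */
typedef struct {
    int  open_conns;     /* connections currently open from this address */
    long bucket;         /* circuit tokens left */
    long last_refill;    /* time of the last refill, in seconds */
    long blocked_until;  /* create cells are refused before this time */
} client_t;

void client_init(client_t *c, long now) {
    *c = (client_t){0, CIRC_BURST, now, 0};
}

/* Defense 1: returns 1 if the connection is kept, 0 if the relay hangs up. */
int on_connect(client_t *c) {
    if (c->open_conns >= MAX_CONNS) return 0;
    c->open_conns++; return 1;
}

/* Defense 2: returns 1 if the create cell is handled, 0 if it is refused. */
int on_create_cell(client_t *c, long now) {
    long refilled = c->bucket + (now - c->last_refill) * CIRC_RATE;
    c->bucket = refilled > CIRC_BURST ? CIRC_BURST : refilled;
    c->last_refill = now;
    if (now < c->blocked_until) return 0;          /* still inside the penalty */
    if (c->bucket > 0) { c->bucket--; return 1; }  /* within rate and burst */
    if (c->open_conns < CIRC_MIN_CONNS) return 1;  /* too fast, but few conns */
    c->blocked_until = now + DEFENSE_SECS;         /* both conditions hold */
    return 0;
}

/* Sends n create cells at time `now`; returns how many were handled. */
int flood(client_t *c, long now, int n) {
    int ok = 0;
    while (n-- > 0) ok += on_create_cell(c, now);
    return ok;
}

int main(void) {
    client_t heavy, light;  /* constructed clients: 3 open connections vs 1 */
    client_init(&heavy, 0); client_init(&light, 0);
    on_connect(&heavy); on_connect(&heavy); on_connect(&heavy); on_connect(&light);
    printf("heavy %d/200, light %d/200\n", flood(&heavy, 0, 200), flood(&light, 0, 200));
    return 0;
}
```

The address with three open connections is cut off once its burst of 90 is spent and stays refused until the penalty expires, while the address with a single connection is never penalized because only one of the two conditions holds.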

Major bugfixes (netflow padding):

Stop adding unneeded channel padding right after we finish flushing to a connection that has been trying to flush for many seconds. Instead, treat all partial or complete flushes as activity on the channel, which will defer the time until we need to add padding. This fix should resolve confusing and scary log messages like "Channel padding timeout scheduled 221453ms in the past." Fixes bug 22212; bugfix on 0.3.1.1-alpha.